Hospitals take steps to stop snoops

When word got out that Tiger Woods crashed his Cadillac Escalade outside his Isleworth home and ended up at Health Central Hospital the day after Thanksgiving, the tabloid media launched a ruthless hunt for his private medical records.

Celebrity gossip Web site TMZ, for example, flooded the Ocoee hospital's switchboard, attempted to get past security and even offered some of the hospital's hourly workers big payouts if they would provide access to the golfer's records, according to a hospital administrator.

"We received over 6,000 calls in a few hours," said Susan Jackson, senior vice president of patient services, of the media deluge. "TMZ was calling every number on our Web site; they were calling patient rooms. They were offering money or anything they could do for information."

In the end, the hospital fired several workers for snooping into Woods' private files, sources said. Jackson would not comment on whether employees were terminated.

The intense media firestorm prompted by Woods' fame exposed just how vulnerable private medical data can be — even for us average Janes and Joes.

Whether it's a seemingly harmless nosy neighbor who happens to work at a hospital or an identity thief attempting to access records, hospitals, doctors and others who keep patient data find they are spending more time and resources to protect that information from prying eyes.

Sure, we tend to hear about it when the privacy of mega-celebrities like Woods is violated. In California, Gov. Arnold Schwarzenegger even signed a new law into effect in 2008 that created harsh penalties for hospitals if their employees snoop on medical records after the files of his wife, Maria Shriver, were peeped at.

But more and more hospitals are investing in sophisticated systems that not only flag unauthorized activity on files that belong to high-profile patients, but to the rest of us as well.

Orlando Health, one of the region's two large hospital systems, recently purchased such a system and is implementing it now.

The software made by Fair Warning Software Inc. based in St. Petersburg will allow the hospital to audit and detect snooping on patient records — something it's already done for years — faster and more efficiently.

"I guess it's the difference between doing something with a typewriter and doing something with a laptop," said Orlando Health spokeswoman Kena Lewis.

Shane Whitlatch, Fair Warning senior vice president of global alliances and sales operations, said more and more hospitals are requesting programs that protect their everyday patients, not just the VIPs.

To put a stop to those nosy neighbors, for example, the company has a program that can match the addresses of hospital employees with addresses of patients and find instances in which an employee has accessed records of people who live within a certain radius of their own homes.

Another big concern, he said, is medical identity theft.

"We've heard of numerous cases where someone looked for people who lived in a certain area associated with wealth or they would target people staying in certain types of hospitals — like a heart hospital — so they could take that ID and go have that treatment," he said.

In other words, it's not just Tiger Woods who needs to watch out.

At Health Central, one of the area's smaller hospitals, the Woods incident prompted some new measures as well. While it has also always conducted audits of patient files to check for unauthorized access, it reevaluated the security of certain information that is sent through an automatic feed outside the hospital to those who need it, such as insurance companies.

It also developed a checklist, similar to a plan that might be enacted during a hurricane, only for an intense media blitz.